rushitote commented on issue #4922: URL: https://github.com/apache/apisix/issues/4922#issuecomment-908036613
@mamalianggf So, this plugin has a fixed request size of 3 variables i.e. `sub, obj, act` which is the username, the URL path and the request method. These three variables are always passed in the enforcement request. There was an error because you have defined the request as two parameters while three parameters are being passed in. So you could keep your model and policy as it is with just one change in the `request_definition` to make it like this: ```conf [request_definition] r = sub, obj, act ``` > so,when I execute the following command,I expect the response to remind me that I forgotten the header parameter,but it not Here, if the header parameter isn't passed in the request - it won't give out an error instead it will use `anonymous` as the subject (username) and get the result of enforcement. In this case, it will result in false (since `anonymous` can't access anything as per the policy) and return the 403 status code. Let me know if you have any more questions. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
